The worldwide situation right now due to COVID-19 is no less than a scene from an apocalyptic movie. It has forced most companies to reorganize their business processes and workforces in order to better cater for remote work or working from home. There were already many efficient tools available in the market to support remote work, but never has there been such an important catalyst to force their adoption and use.  With the onset of Covid-19, these solutions went from a nice idea to business critical applications and organizations had to integrate them into their infrastructure. So, it’s no surprise that the companies providing remote work solutions such as communication or virtualization tools saw more business during this period than they had seen in multiple years combined. Sometimes, it takes an extraordinary event to force a change into something that was logical all along.

Best practices for workstation security

One of the most common pathways chosen by the companies in terms of securing their laptop workstations for remote work was to provide access to their internal infrastructure via a virtual private network (VPN). However, VPN implementation comes with its own set of challenges and risks. Exposing internal infrastructure over the internet is always a risk for any organisation. It can attract a lot of attention from bad parties which can try to overload the VPN servers, force user account lockout, etc.  So, a good and resilient authentication mechanism is imperative. The easiest and quickest way to strengthen the authentication is to integrate multi-factor authentication and a lot of companies embraced it as a best practice.

Advanced workstation security using Thin Clients

While VPN + MFA does boost the security there are still a few challenges in the setup that, if not handled correctly, might have a negative impact. The biggest contributing factor to these challenges can be the user’s end device/endpoint. As it is usually a regular Windows PC, there’s no guarantee that it is completely secure and a person with some malicious intent will not be able get some benefit out of it. The most efficient way to tackle this is to have a thin client as an endpoint device as it can improve the security considerably. Some of the key advantages of having a thin client instead of a traditional PC are:

  • A read only file system which prevents the users from installing their own tools which might be a security risk, hence providing a zero-attack surface.
  • A central storage for all the data, meaning no sensitive data is stored on user’s device.
  • The devices can be managed remotely, so if needed, any security upgrades can be done efficiently and they will be applied no matter what

So, with this implementation, the end user doesn’t have just a secure link but a complete secure workspace to work in and the company can manage them efficiently.

Deploying and managing thin clients in the remote workspace

However, providing a thin client to all of the users for remote work can be a difficult task in itself in terms of logistics and costs. Also, some employees prefer to work on their personal laptops. To tackle this, ZeeTim provides a software based thin client solution known as ZeeTransformer, which allows you to convert an existing computer hardware to a secure thin client. The user just has to insert a USB and he can fully convert his device or use the secure environment for work and upon removing the USB, can recover the original operating system. It’s a simple plug and play solution and there’s no other configuration that the user needs to do.

ZeeTim also provides a simple to use yet a very powerful configuration tool known as ZeeConf along with the thin client solution to manage the endpoint devices. It provides very granular access to different configurations allowing the companies to take the full advantage of the platform.

Security Benefits of Thin Clients vs VPNs

In conclusion we can say that:

  1. VPN alone is not secure enough for secure access. MFA is a first step towards it, although not sufficient.
  2. Thin clients can provide a much more secure endpoint option for remote work than compared to a PC. 
  3. Companies do not necessarily need to invest in expensive thin client hardware. They can easily transform users’ existing PCs into secure thin client endpoints using ZeeTransformer and manage them centrally using ZeeConf

To know more, get a free trial of ZeeTransformer, or please get in touch with ZeeTim and we will be glad to take you through our endpoint solution for any type of virtualization infrastructure.